File fix_certificates_lookup.patch of Package go.2145

Index: go/src/crypto/x509/root_linux.go
===================================================================
--- go.orig/src/crypto/x509/root_linux.go
+++ go/src/crypto/x509/root_linux.go
@@ -6,8 +6,5 @@ package x509
 
 // Possible certificate files; stop after finding one.
 var certFiles = []string{
-	"/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
-	"/etc/pki/tls/certs/ca-bundle.crt",   // Fedora/RHEL
-	"/etc/ssl/ca-bundle.pem",             // OpenSUSE
-	"/etc/pki/tls/cacert.pem",            // OpenELEC
+	"/etc/ssl/ca-bundle.pem",             // openSUSE and SLE12+
 }
Index: go/src/crypto/x509/root_unix.go
===================================================================
--- go.orig/src/crypto/x509/root_unix.go
+++ go/src/crypto/x509/root_unix.go
@@ -6,12 +6,15 @@
 
 package x509
 
-import "io/ioutil"
+import (
+	"io/ioutil"
+	"os"
+)
 
 // Possible directories with certificate files; stop after successfully
 // reading at least one file from a directory.
 var certDirectories = []string{
-	"/system/etc/security/cacerts", // Android
+	"/etc/ssl/certs", // SLE11
 }
 
 func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
@@ -29,22 +32,26 @@ func initSystemRoots() {
 		}
 	}
 
+	rootsAdded := false
+
 	for _, directory := range certDirectories {
 		fis, err := ioutil.ReadDir(directory)
 		if err != nil {
 			continue
 		}
-		rootsAdded := false
 		for _, fi := range fis {
+			if fi.Mode()&os.ModeSymlink != 0 {
+				continue
+			}
 			data, err := ioutil.ReadFile(directory + "/" + fi.Name())
 			if err == nil && roots.AppendCertsFromPEM(data) {
 				rootsAdded = true
 			}
 		}
-		if rootsAdded {
-			systemRoots = roots
-			return
-		}
+	}
+
+	if rootsAdded {
+		systemRoots = roots
 	}
 
 	// All of the files failed to load. systemRoots will be nil which will